Computer Crime Research Center

Cybercrime - together we can defeat it

The chief technology officer of online gaming portal Betfair has called on more government and industry cooperation to combat the growing threat of distributed denial of service (DDoS) attacks to online businesses.

In an exclusive interview with silicon.com sister site ZDNet UK, David Yu said that DDoS attacks may have only really affected a handful of businesses so far but any company that relies on the web to transact with customers or partners should be aware of the problem.

"I think in general, there is a lot more that the ecommerce industry as a whole needs to be aware of. Security threats are not a gaming related problem, they could easily affect any other ecommerce company, online travel, online books, they could affect healthcare and government," he said. "I think there have been some sectors who have said its not our problem; its not for us to worry about - well I would tell them that it is going to be their problem if they don't pay attention."

Betfair, along with several other UK betting sites, has been targeted by Web-based criminals -- and has been a victim of DDoS attacks on three separate occasions. The attacks work by flooding servers with traffic often generated by hijacking private PCs -- so called botnets.

In July the company admitted that its main exchange site was affected for just over an hour due to a DDoS attack. The attack prevented users from accessing the site with some customers claiming they been unable to view or place bets and some claiming to have lost money.

Yu, recently voted Daily Telegraph IT Director of the Year 2004 and runner up in the CNET UK Technology Awards, explained that during a period of sustained DDoS attacks earlier this year, various gaming organisations banded together to exchange information on how best to tackle the problem.

"What we saw is that the gaming industry as a whole has been under threat but worked pretty well at the time to combat the problem together. What we started to do was have industry-wide forums where the heads of infrastructure from all these other companies got together," he said.

"It worked very well, it was nice to see that the industry, although we compete against each other as hard as we can, here was a common threat which we came together to combat and shared information," he added.

Yu claimed that although its own service provider Cable &Wireless had been very effective, there is a lot more that ISPs could be prevent DDoS attacks and help security agencies track down the culprits.

"I think there is more that network providers and ISPs can do. A lot of these attacks stem from individual [broadband-connected] PCs being compromised and then using that broadband access to flood these sites. We think that ISPs could do a lot if they took more responsibility. We do see a mix -- we see some network providers who work very actively to try and cleanse their system and provide high-quality bandwidth and the others who don't."

Yu's comments echo earlier remarks from ex-US cybersecurity chief Richard Clarke earlier this month, who said: "I think we are going to see companies asking their ISPS to do more. A lot of denial-of-service attacks could be prevented if ISPs co-operated with each other."